Cyber Security Vulnerability & Tech Compliance Manager JG6 Bellville, Western Cape, South Africa Santam BITS has a career opportunity for a senior role as Cyber Security Vulnerability and Technical Compliance Manager in the Business Information and Technology Services (BITS) department, which is based in the Western Cape or Gauteng.
KEY RESPONSIBILITIES Receive weekly Qualys scans of IT systems, networks, and applications for internal and external vulnerabilities uploaded to the QlikView reporting system.
Prioritise the vulnerabilities from most critical to least threatening.
Conduct weekly meetings with accountable departments to highlight, prioritise and solution their vulnerabilities.
Design a process for the departments to accept responsibility and commit to a timeline in which they will resolve and fix the vulnerability.
Keep track of commitments and escalate to senior management as required.
Promote these vulnerabilities to risks in the Cura system should the outstanding time reach the threshold.
Develop and implement a comprehensive technical compliance program based on relevant industry standards and regulations.
Ensure alignment with frameworks such as ISO 27001, NIST, GDPR, HIPAA, or other applicable standards depending on the industry.
Conduct regular compliance audits and assessments to verify adherence to established technical standards and policies.
Provide guidance to cross-functional teams on compliance requirements and assist in the resolution of compliance-related issues.
Coordinate and oversee the deployment of security patches and updates to address vulnerabilities promptly, in conjunction with infrastructure management and our service provider.
Establish and maintain a structured process for patch management, ensuring minimal disruption to ongoing operations.
Support the implementation of patch management using tools implemented by our service providers.
Collaborate with the incident response team to develop and enhance incident response plans related to vulnerabilities.
Participate in the investigation and resolution of security incidents related to vulnerabilities.
Maintain detailed records of vulnerabilities, assessments, and compliance activities.
Generate and present regular reports on the status of vulnerabilities, compliance posture, and remediation progress to key stakeholders.
Conduct training sessions to educate employees on security best practices and compliance requirements.
Foster a culture of security awareness and compliance throughout the organization.
Evaluate and enhance security and compliance processes continually.
Stay abreast of emerging technologies and industry trends to recommend and implement improvements to the organization's security posture.
QUALIFICATIONS AND EXPERIENCE Bachelor's degree in information security, Computer Science, or a related field.
Professional certifications such as CISSP, CISM, or equivalent.
5 years of experience in vulnerability management, technical compliance, and information security.
5 years of strong knowledge of security frameworks, standards, and regulations.
Familiarity with security technologies and tools, including vulnerability scanning tools.
Excellent communication and collaboration skills.
Ability to work effectively in a dynamic and fast-paced environment.
COMPETENCIES Building and maintaining relationships.
Teamwork and ability to function independently.
Facilitation Skills.
Planning and organising.
Ability to work independently.
Interpersonal savvy.
Plans and aligns.
Optimises work processes.
Cultivates innovation.
Drives results.
Curiosity and Open-Mindedness.
Negotiation.
Reporting and Administration.
ADDITIONAL COMPETENCIES AND SKILLS Honesty, integrity, and respect.
Ability to co-operate and thrive both within an independent and team environment.
Project Management.
Reporting and Administration.
Business Requirements Definition.
Compliance Monitoring.
ABOUT THE COMPANY Santam is the leading short-term insurer in South Africa.
Along with its subsidiaries, the business transacts all classes of short-term insurance.
Santam is a large, diversified, and transforming company and our success is rooted in our passion for our clients.
Everything we do is centered on our delivery of Insurance Good and Proper.
Please note this appointment will be made in line with the Divisional Employment Equity targets.
People with disabilities are welcome to apply.
#J-18808-Ljbffr